Transcript

  • 1. Extending Xen* with Intel® Virtualization Technology
    2006. 11. 13., Mobile Embedded System Lab. @ SNU CSE, Choi, Jin-yong
    Source: Intel® Technology Journal, Vol. 10, No. 3, 2006
    http://developer.intel.com/technology/itj/2006/v10i3/3-xen/4-extending-with-intel-vt.htm
  • 2. Table of Contents
    - Introduction
    - Intel® Virtualization Technology
    - Extending Xen* with Intel® VT
      - Processor Virtualization
      - Memory Virtualization
      - Device Virtualization
    - Performance Tuning VT-x Guests
    - Benchmark Performance
    - Current Status and Prospect
  • 3. Introduction
    - Virtualization holes (x86 virtualization on x86)
      - Ring compression
      - Non-trapping instructions
      - Interrupt virtualization issues
      - Address space compression
    - Xen provides near-native performance with the "paravirtualization" technique.
      - But guest OSes must be modified to run on the Xen hypervisor.
    - SW-based virtualization requires frequent VMM intervention.
    Notes: paravirtualization modifies the guest OS source code; binary translation modifies the guest OS binary "on the fly".
    [Diagram: privilege rings 0-3 for a native OS and apps vs. guest OSes and apps running over a VMM]
  • 4. Intel® Virtualization Technology
    - What is Intel VT? (formerly known as Vanderpool)
      - Silicon-level virtualization support to eliminate the virtualization holes
      - Unmodified guest OSes can be executed.
      - VT-x: for the IA-32 architecture
      - VT-i: for the Itanium architecture
      - VT-d: for Directed I/O
      - cf. AMD-V (formerly known as Pacifica)
    - Benefits of VT-x (processor focus)
      - Reduces the size and complexity of the VMM software
      - Reduces the need for VMM intervention
      - Reduces memory overhead (no side tables, ...)
      - Avoids the need to modify guest OSes, allowing them to run directly on the HW
  • 5. Intel® Virtualization Technology (cont'd)
    - VT-x: extensions to the IA-32 Intel architecture
    - Virtual Machine Extensions (VMX) operation
      - More-privileged mode (VMX root)
      - Less-privileged mode (VMX non-root)
      - 10 new VMX instructions
      - Virtual Machine Control Structure (VMCS)
        - Manages VM entry/exit
        - Holds guest and host state
        - A VMCS is created for each virtual CPU.
    - 4 privilege levels (rings 0-3) in both modes
    [Diagram: VMM in VMX root mode over shared physical hardware; guest OSes and apps run in VMs, entered via VM entry and left via VM exit]
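    Before entering VMX operation, a VMM first has to check that the processor supports it at all. A minimal sketch of that check: per the Intel SDM, CPUID leaf 1 reports VMX support in ECX bit 5. The helper `ecx_reports_vmx` and `host_supports_vmx` are illustrative names, not part of any real API; `__get_cpuid` is GCC's wrapper from `<cpuid.h>`.

    ```c
    /* Sketch: detecting VT-x support before attempting VMXON.
     * Intel SDM: CPUID leaf 1 reports VMX support in ECX bit 5.
     * Helper names here are illustrative, not a real API. */
    #define CPUID_ECX_VMX_BIT 5

    /* Pure bit test on an already-fetched ECX value. */
    static int ecx_reports_vmx(unsigned int ecx)
    {
        return (ecx >> CPUID_ECX_VMX_BIT) & 1u;
    }

    #if defined(__x86_64__) || defined(__i386__)
    #include <cpuid.h>
    /* On an x86 host, query CPUID leaf 1 and test the VMX bit. */
    static int host_supports_vmx(void)
    {
        unsigned int eax, ebx, ecx, edx;
        if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
            return 0;               /* leaf 1 not available */
        return ecx_reports_vmx(ecx);
    }
    #endif
    ```

    Note that even when CPUID reports VMX, firmware can still disable it via a feature-control MSR, so a real VMM performs additional checks before executing VMXON.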
  • 6. Extending Xen* with Intel® VT
    - Processor Virtualization
    - Memory Virtualization
    - Device Virtualization
    - HVM (Hardware-based Virtual Machine)
      - Fully virtualized domain (unmodified guest OSes)
    - Control Panel
      - Creates, controls, and destroys HVM domains
      - Loads the guest FW into the HVM domain
      - Creates the device-model thread in Dom0
        - Services I/O requests
      - Then the HVM guest is started, and control is passed to the first instruction in the guest FW.
      - The HVM guest executes at native speed until it encounters an event that requires special handling by Xen.
    - Keeps the hypervisor small
  • 7. Processor Virtualization
    - The virtual CPU module
      - Provides the abstraction of processor(s) to the HVM guest
      - Manages the virtual processors and associated virtualization events
    - For the IA-32 architecture
      - A VMCS is created for each virtual CPU in an HVM domain.
      - Instructions such as CPUID and MOV from/to CR3 are intercepted as VM exits.
      - Exceptions/faults, such as page faults, are intercepted as VM exits, and virtualized exceptions/faults are injected on VM entry to the guests.
      - External interrupts unrelated to guests are intercepted as VM exits, and virtualized interrupts are injected on VM entry to the guests.
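    On each VM exit, the hypervisor reads the VMCS exit-reason field to decide which handler to run. The basic exit reason is in bits 15:0 of that field; the reason numbers below (exception/NMI = 0, CPUID = 10, CR access = 28, I/O instruction = 30) are from the Intel SDM, but the dispatch sketch itself is illustrative and is not Xen's actual code.

    ```c
    /* Sketch: dispatching on the VMCS exit-reason field.
     * Basic exit reason = bits 15:0; reason numbers per the Intel SDM.
     * The function name and structure are illustrative only. */
    #define EXIT_REASON_EXCEPTION_NMI   0
    #define EXIT_REASON_CPUID          10
    #define EXIT_REASON_CR_ACCESS      28
    #define EXIT_REASON_IO_INSTRUCTION 30

    static const char *decode_exit_reason(unsigned int exit_reason_field)
    {
        switch (exit_reason_field & 0xffffu) {  /* basic reason, bits 15:0 */
        case EXIT_REASON_EXCEPTION_NMI:  return "exception or NMI";
        case EXIT_REASON_CPUID:          return "CPUID";
        case EXIT_REASON_CR_ACCESS:      return "control-register access";
        case EXIT_REASON_IO_INSTRUCTION: return "I/O instruction";
        default:                         return "other";
        }
    }
    ```

    A real handler would go on to read reason-specific qualification fields from the VMCS (e.g. which CR was accessed, or the port and width of an I/O instruction) before emulating the operation and resuming the guest with VM entry.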
  • 8. Memory Virtualization
    - Xen presents the abstraction of a HW MMU to the HVM domain.
    - IA-32 memory virtualization
      - Supports various kinds of page tables (2/3/4-level PTs with 4 KB pages)
      - Maintains a shadow page table for the guest
      - Extends Xen's shadow page table to support both paravirtualized and fully virtualized guests
    - Optimized shadow page table management
      - The shadow page table code is the most performance-critical section.
      - To detect any attempt to modify a guest page table, write-protect the corresponding guest page-table page.
      - Upon a page fault against a guest page table, save a "snapshot" of the page and give write permission to the page.
      - The page is then added to an "out-of-sync" list.
      - When a TLB-flush operation is executed, propagate all the entries on the "out-of-sync" list to the shadow page table.
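    The out-of-sync optimization above can be sketched in plain C, with the MMU simulated: a guest page-table page starts write-protected, the first write "faults" and triggers a snapshot plus write permission, and a later TLB flush diffs the page against its snapshot and propagates only the changed entries. All struct names, the tiny page size, and the single shadow table are illustrative assumptions, not Xen's data structures.

    ```c
    /* Sketch of the "out-of-sync" shadow page table optimization,
     * simulated without a real MMU. Names and layout are illustrative. */
    #include <string.h>

    #define ENTRIES 4                    /* tiny page table for the demo */

    struct gpt_page {
        unsigned long entry[ENTRIES];    /* guest page-table entries */
        unsigned long snapshot[ENTRIES]; /* copy taken at first write */
        int writable;                    /* 0 = write-protected */
        int out_of_sync;                 /* queued for resync? */
    };

    static unsigned long shadow[ENTRIES];    /* the shadow page table */

    /* Write-fault handler: snapshot the page, then allow writes. */
    static void on_write_fault(struct gpt_page *p)
    {
        memcpy(p->snapshot, p->entry, sizeof p->snapshot);
        p->writable = 1;
        p->out_of_sync = 1;              /* add to the out-of-sync list */
    }

    /* Guest writes an entry; the first write to a protected page faults. */
    static void guest_write(struct gpt_page *p, int i, unsigned long val)
    {
        if (!p->writable)
            on_write_fault(p);
        p->entry[i] = val;               /* subsequent writes are free */
    }

    /* TLB flush: propagate changed entries, then re-protect the page. */
    static void on_tlb_flush(struct gpt_page *p)
    {
        if (!p->out_of_sync)
            return;
        for (int i = 0; i < ENTRIES; i++)
            if (p->entry[i] != p->snapshot[i])
                shadow[i] = p->entry[i]; /* resync only what changed */
        p->writable = 0;
        p->out_of_sync = 0;
    }
    ```

    The payoff is that a guest can update many page-table entries with only one fault per page, and the hypervisor pays the resync cost once per TLB flush instead of once per write.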
  • 9. MMU Virtualization
    - Xen/VT-x HVM implements a shadow page table.
      - A shadow TLB is inefficient on x86:
        - A host page fault (VM exit) is very expensive.
        - The guest OS purges the entire TLB at process-switch time (CR3 write).
        - Excessive page faults would be raised by a shadow-TLB implementation.
      - Shadow page table:
        - Much more effective than a shadow TLB, but
        - duplicating the page table consumes both CPU cycles and memory.
    - Xen/VT-i HVM implements a shadow TLB.
      - A shadow TLB is highly efficient on Itanium:
        - IA-64 uses region IDs (RIDs) to distinguish TLB entries from different processes, so the guest OS rarely flushes the entire TLB.
  • 10. Device Virtualization
    - Reuses the open-source QEMU project's device-emulation module
    - Runs an instance of the device models in Dom0 per HVM domain
    - For optimization:
      - Performance-critical models are moved into the hypervisor.
      - Communication between the I/O device model and the Xen hypervisor uses shared memory.
    - I/O port access (intercepted as VM exits)
      - Ports Xen's VBD and VNIF to HVM domains
    - Memory-mapped I/O handling
    - Interrupt handling
      - HVM guests only see virtualized external interrupts.
    - Virtual device drivers
      - Define a way to allow the hypervisor to access guest virtual addresses
      - Define a way to signal Xen events to the virtual driver
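    The shared-memory hand-off between the hypervisor and the Dom0 device model works roughly as follows: Xen records the trapped access in a structure in a shared page, notifies the device model, and the device model publishes the emulation result in the same structure before the guest is resumed. Xen's real interface is the `ioreq` structure; the struct layout, field names, and the fixed demo read-value below are simplified illustrations, not the actual `ioreq_t`.

    ```c
    /* Sketch: passing one I/O request from Xen to the Dom0 device
     * model through shared memory. Simplified illustration only;
     * not the real Xen ioreq_t layout. */
    #include <stdint.h>

    enum ioreq_state { IOREQ_NONE, IOREQ_READY, IOREQ_DONE };

    struct ioreq {
        uint64_t addr;       /* port number or MMIO address */
        uint64_t data;       /* value written, or read result */
        uint8_t  is_write;   /* direction of the access */
        uint8_t  size;       /* access width in bytes */
        uint8_t  state;      /* handshake between Xen and Dom0 */
    };

    /* Hypervisor side: record the trapped access in the shared page. */
    static void post_ioreq(struct ioreq *shared, uint64_t addr,
                           uint64_t data, int is_write, int size)
    {
        shared->addr = addr;
        shared->data = data;
        shared->is_write = (uint8_t)is_write;
        shared->size = (uint8_t)size;
        shared->state = IOREQ_READY;  /* then notify Dom0 (event channel) */
    }

    /* Device-model side: emulate the access and publish the result. */
    static void service_ioreq(struct ioreq *shared)
    {
        if (shared->state != IOREQ_READY)
            return;
        if (!shared->is_write)
            shared->data = 0xab;      /* demo read value from the model */
        shared->state = IOREQ_DONE;   /* guest can now be resumed */
    }
    ```

    Every such round trip costs a context switch into Dom0, which is why the next slides move hot devices into the hypervisor and buffer I/O writes.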
  • 11. Performance Tuning VT-x Guests
    - Extended Xentrace to support HVM domains
      - Counts the occurrences of events and their handling time in the hypervisor
      - Traces VT-x-specific information
    - Extended Xenoprof to support HVM domains
      - Tracks clock cycle counts, instruction retirements, TLB misses, and cache misses
    - Ran workloads and obtained information with the tools above
    - Many VM exits are caused by I/O instructions or shadow page table operations.
      - I/O instructions take the longest handling time and require a context switch to Dom0.
      - About 40% of the hypervisor time was spent in the shadow code.
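    The kind of per-exit-reason accounting the Xentrace extension performs (event counts plus accumulated handling time, from which averages like "I/O instructions take the longest" fall out) can be sketched as below. The table layout and names are illustrative assumptions, not Xentrace's format.

    ```c
    /* Sketch: per-exit-reason accounting of counts and handling time.
     * Illustrative only; not Xentrace's actual record format. */
    #include <stdint.h>

    #define MAX_REASONS 64

    struct exit_stats {
        uint64_t count[MAX_REASONS];   /* how many exits per reason */
        uint64_t cycles[MAX_REASONS];  /* total handling time, in cycles */
    };

    /* Called once per VM exit, with the measured handling time. */
    static void record_exit(struct exit_stats *s, unsigned reason,
                            uint64_t handling_cycles)
    {
        if (reason >= MAX_REASONS)
            return;
        s->count[reason]++;
        s->cycles[reason] += handling_cycles;
    }

    /* Average handling cost of one exit reason, in cycles. */
    static uint64_t avg_cycles(const struct exit_stats *s, unsigned reason)
    {
        if (reason >= MAX_REASONS || s->count[reason] == 0)
            return 0;
        return s->cycles[reason] / s->count[reason];
    }
    ```

    Sorting such a table by total cycles is what points the tuning work at I/O emulation and the shadow page table code.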
  • 12. Performance Tuning VT-x Guests (cont'd)
    - Modified the reused device model (from the QEMU project)
      - Moved hot devices into the hypervisor
        - LSAPIC/IOSAPIC
      - Buffered I/O writes in the hypervisor to reduce context switches
        - Standard VGA frame buffer
      - Made the network device model event-driven
        - Reduces network packet response time and thus improves throughput
      - Enabled DMA to reduce excessive I/O data transfers
        - Block device
    - Optimized shadow page table management
  • 13. Benchmark Performance
    - Intel® S3E2340 platform
      - 2.3 GHz / 800 MHz FSB dual-core Intel® Xeon® processor
      - 4 GB DDR2 533 MHz memory
      - 160 GB Seagate SATA HDD
      - Intel® E100 Ethernet
    - RHEL4U1 is used as the OS in Dom0, DomU, and the HVM domain.
    - Dom0: dual virtual CPUs and 512 MB memory
    - DomU & HVM: single virtual CPU, 512 MB memory, and a 20 GB virtual disk
  • 14. Current Status and Prospect
    - Novell and Red Hat are incorporating Xen into their upcoming releases.
    - Virtual Iron and XenSource are developing products that will leverage Xen and Intel VT.
    - Intel VT and AMD-V products will be released very soon!
      - Mainboard vendors must support these new architectures.
    - XenSource and Microsoft: a strategic relationship
    - Let's watch how the situation develops.
  • 15. References
    - Yaozu Dong et al., "Extending Xen* with Intel® Virtualization Technology," Intel Technology Journal, Vol. 10, No. 3, 2006.
    - Intel, "Intel® Vanderpool Technology for IA-32 Processors (VT-x) Preliminary Specification," 2005.
    - Hugues Morin, "Increasing IT Flexibility and Responsiveness through Virtualization," 2006.
    - Yaozu Dong et al., "Xen and Intel® Virtualization Technology for IA-64," 2006.
